Slashdot Mirror
Quantum Cryptography Gets Nanotube Boost
c1ay writes "In an article at the ScienceDaily News it is reported that two researchers at the University of Rochester have discovered a new property of carbon nanotubes, ideal photon emission. "The emission bandwidth is as narrow as you can get at room temperature," says Lukas Novotny, professor of optics at Rochester and co-author of the study. Such a narrow and steady emission can make such fields as quantum cryptography and single-molecule sensors a practical reality. RSA and Elliptic Curve wouldn't stand a chance against this unbreakable encryption."
Nanotubes Surprise Again: Ideal Photon Emission
Sept 5, 2003 -- Carbon nanotubes, recently created cylinders of tightly bonded carbon atoms, have dazzled scientists and engineers with their seemingly endless list of special abilities--from incredible tensile strength to revolutionizing computer chips. In today's issue of Science, two University of Rochester researchers add another feat to the nanotubes' list: ideal photon emission.
"The emission bandwidth is as narrow as you can get at room temperature," says Lukas Novotny, professor of optics at Rochester and co-author of the study. Such a narrow and steady emission can make such fields as quantum cryptography and single-molecule sensors a practical reality.
The emission profile came as a surprise to Todd Krauss, assistant professor of chemistry at the University, and Novotny. They had set out to simply define the emission, or fluorescence, of a single carbon nanotube. By using a technique called confocal microscopy, the team illuminated a single nanotube with a strongly focused laser beam. The tube absorbed the light from the laser and then re-emitted light at new frequencies that carried information about the tube's physical characteristics and its surroundings.
The light emitted from the nanotube was in precise, discrete wavelengths, unlike most objects like molecules that radiate into a broader (i.e. more "fuzzy") range of wavelengths at room temperature.
But a greater surprise was in store for the team.
"The emission wasn't just perfectly narrow, it was steady as far as we could measure," says Krauss. In a strange quirk of quantum physics, molecules usually emit their photons for a certain time and then cease, only to resume again later, like a telegraph signal. The tubes that Krauss and Novotny measured, however, remained steady beacons to the limits of their instruments' sensitivity. "This is very exciting because for any application in quantum optics, you want a steady and precise photon emitter," says Novotny.
Narrow emissions and a complete absence of blinking have tempting implications for single photon emitters--devices needed to dependably release a single photon on command. The U.S. Department of Defense is very interested in developing quantum cryptography, a theoretically unbreakable method of coding information, which necessitates a reliable way to deliver single photons on demand.
Other applications come in the form of sensors so sensitive they can detect a single molecule of a substance. For example, when a biological molecule such as a protein binds to a nanotube, the nanotube's perfect emission changes, revealing the presence and characteristics of the molecule. Detecting the change would be impossible if it weren't for the remarkably steady nature of the nanotube emission, because a researcher wouldn't know for certain if a sudden change in the emission was just a blink, or was meant to indicate the presence of the target molecule.
Until just a few months ago, determining the emission characteristics of a nanotube was impossible. Carbon nanotubes cannot be made individually-rather they come as a jumble like a pile of spaghetti. Trying to measure the photon emission of a tube in the jumble is impossible because the tube will pass the photons it absorbs to other tubes instead of re-emitting them in its telltale fashion. What scientists end up with is a sort of average of what the collection of tubes will emit--not the emission characteristics of a single tube. Only within the past few months have researchers figured out how to remove a single nanotube from the pile of spaghetti in order to study its properties as an individual.
Krauss and Novotny are now devising experiments to test the steadiness of the nanotube fluorescence beyond the range of the initial experiments, and are pursuing studies aimed at determining the ultimate minimum possible emission bandwidth at ultracold temperatures.
This work was funded by the National Science Foundation, the U.S. Department of Energy, the Research Corporation, and the New York State Office of Science and Academic Research.
Editor's Note: The original news release can be found here.
This story has been adapted from a news release issued by University Of Rochester.
http://www.cs.dartmouth.edu/~jford/crypto.html
http://www.aip.org/pt/vol-53/iss-11/p22.html
Mostly a theoretical breakdown of the advantages of quantum encryption, in fairly easy to understand language.
Single-walled carbon nanotubes (SWNTs) are synthesized as mixtures of metallic and semiconducting tubes (1). Their individual structures can be characterized by two integers [(n,m)] that define both their diameter and chirality (2); if (n - m) is not divisible by 3, the nanotubes are semiconducting. Recently, the photoluminescence of SWNT mixtures suspended in surfactant micelles in water was characterized as arising from band-gap fluorescence from semiconducting tubes with different structures (3, 4). Such a spectrum (Fig. 1A) (5) contains overlapping fluorescence features. However, ensemble averaging obscures the true spectral linewidths and the details of the band shape. These optical properties are likely needed for the development of SWNT photonic applications, such as nanometer-scale, integrated electroluminescent devices (6).
We measured the electronic structure of individual SWNTs using single-molecule photoluminescence spectroscopy. Although the spectra from individual SWNTs with identical diameters were similar, they exhibited a distribution of peak positions and linewidths not observed in ensemble studies of isolated SWNTs (3, 4, 7). Unlike most single molecules (8) or semiconductor nanoparticles (9), the fluorescence for SWNTs does not show any spectral or intensity fluctuations.
Spatially isolated individual SWNTs were achieved by spin-coating 75 l of the SWNT suspension onto a glass coverslip (5). Fluorescent samples are known to contain short (200 nm long) SWNTs isolated in micelles (3). Thus, we expected the spin-coating procedure to result in single SWNTs well dispersed on a thin surfactant layer. Indeed, atomic force microscopy measurements revealed predominantly short SWNTs (with lengths of 200 to 300 nm) on top of residual surfactant patches a few nanometers thick. Optical characterization of SWNT coverage was achieved through confocal Raman imaging (10, 11) and indicated a density of 10 to 20 Raman-active nanotubes per 100 m2. Laser excitation at 633 nm ensured a spectral isolation of all Raman signals, which occur between 633 and 770 nm, from the fluorescence signals above 850 nm.
Figure 1B shows three fluorescence images of the same sample area, representing the collected number of photons at every pixel within the spectral windows marked in Fig. 1A. All images show distinct bright spots at different positions, indicating isolated emission sources with different emission energies. Figure 2A displays representative spectra detected at these bright spots for the three wavelength regions marked in Fig. 1. Each spectrum exhibits a single fluorescence band with a smooth line shape. The three spectra have emission maxima at wavelengths of 1016, 955, and 914 nm, respectively, which match three transitions observed in the ensemble spectrum (Fig. 1A).
Low-energy Raman features that correspond to scattering from the radial breathing mode (RBM) were used to verify that the observed emissions were from individual SWNTs. Raman spectra (Fig. 2B) were detected at identical sample positions (noted in Fig. 2 as 1, 2, and 3) as those used to obtain the fluorescence spectra in Fig. 2A. The frequency of the RBM (, in cm-1) directly reflects the diameter of the SWNT (D, in nm), through = (223.5/D) + 12.5 (4, 12), and can be used to uniquely identify the structural parameters (n,m) (13). For all three sample positions, only one RBM peak (corresponding to the same individual SWNT) was observed within the instrument-limited linewidth of 10 cm-1.
The observed emission energies and corresponding RBM frequencies are listed in Table 1, along with values obtained from fluorescence of ensemble samples (4). Nanotubes with emission beyond 1030 nm will not be observed with our detector (Si CCD); thus, we can compare single nanotube fluorescence and Raman RBM data sets to ensemble data sets for a subset of all possible nanotube structures (Table 1). The mean measured fluorescence energy for a given SWNT structure (supporting online text), for resonant and nonresonant excitation, matches very
Maybe you were being sarcastic, but to those who don't know you can't brute force a one-time pad. When you look at all possible results for brute forcing a one-time pad; it's all possible plain text combinations for that length of message. So there could be 1000s of message that "make sense" but you'll never be able to tell which is the right one unless you already know a lot about the message being sent.
brute force in the sense of trying just tons of combinations, but with a true one time pad any one result is just as likely as any other so there is no determinant way to truly break a true one time pad. You couldn't ever tell if a 5 character piece encrypted with a one time pad would say "Hello" or "bitch" because the possible combinations with an unknown one time pad are just as likely
To skip right to the heart of it, from the article, here's how it can be broken:
"Quantum cryptographic techniques provide no protection against the classic bucket brigade attack (also known as the ``man-in-the-middle attack''). In this scheme, an eavesdropper, E (``Eve'') is assumed to have the capacity to monitor the communications channel and insert and remove messages without inaccuracy or delay." http://www.cs.dartmouth.edu/~jford/crypto.html
Not exactly "unbreakable". Thanks to whoever posted that link earlier.
Observing the state of a photon would change it. This makes quantum encryption perfect for evesdropping situations. You will know if someone has seen your data. Also, you can't be sure of it's exact path. The thing about those pesky subatomics is that you can't know their exact position and path at the same time.
yah, the more accurate phrase IMO is Quantum Key Exchange. You simply exchange a key and then use whatever encryption algorithm you want.
Observing the state of a photon would change it. This makes quantum encryption perfect for evesdropping situations. You will know if someone has seen your data. Also, you can't be sure of it's exact path. The thing about those pesky subatomics is that you can't know their exact position and path at the same time.
..fine if you can afford end-to-end links with everyone you want to communicate with of course, but not so good if you're switching along the way (as the parent you so cleverly responded to made quite clear, really)
Pity anyone can install a sniffer on the router where's it's decoding the packets from one quantum cable and adding them to the next..
The link you provide assumes that Eve can monitor the communications channel and insert/remove messages. Yes, those are the prerequisites for a MITM attack. But those are also precisely the things that quantum crypto protects you against.
The link assumes that photons will be sent in bursts, rather than one at a time. This is not the case. They are actually sent fairly infrequently, in order to avoid the possibility that two could be sent simultaneously. Also, even if more than one were sent, it is unlikely to be helpful to an attacker, since multiple photons would not necessarily have the same characteristics.
The link furthermore makes the assertion that Eve could somehow duplicate a photon. This makes it clear that the author is a CS grad student and not a physics grad student. The Heisenberg uncertainty principle prevents this duplication.
In short, don't believe everything you read... especially if it's on the web.
The key distribution problem can be partially solved by quantum mechanics using the idea of quantum key distribution (QKD). The first and best-known protocol, usually called "BB84" because it was published in 1984 by Charles Bennett and Gilles Brassard,6 is described in the box below. In a prototypical QKD protocol, Alice sends some nonorthogonal quantum states to Bob, who makes some measurements. Then, by talking on the phone (which need not be secure), they decide if Eve has tampered with the quantum states. If not, they have a shared key that is guaranteed to be secret. Note that Alice and Bob must share some authentication information to begin with; otherwise, Bob has no way to know that the person on the phone is really Alice, and not a clever mimic. The key generated by QKD can subsequently be used for both encryption and authentication, thus achieving two major goals in cryptography.
Taken from Physics Today
'The staff in the hand of a wizard may be more than a prop for age,' -Hamá, the doorward
I am sorry, while you are completely right that this is in practice unfeasible, photon number splitting (PNS) attacks are well studied attacks. If you want some serious information about it, have a look at quant-ph/0302037. There are analysis for PNS attacks with actual (and good) parameters for photon emission, which show that e.g. BB84 over 50km would be insecure against these attacks.
;-)
Basically you don't want to duplicate photons, you just steal a photon. If there are losses on the quantum channel (which is the case), then Bob cannot be able to distinguish if the photons have been stolen or lost. The assumption is that Eve has noiseless connections from Alice and to Bob.
And yes, I am a CS grad. But I know a couple of theoretical physicists who would agree with me
Quantum cryptography is a method for using quantum physics to make sure nobody reads your bits. Technically cool, but seldom practical. If you happen to have direct fibers connecting you with the people you want to talk to, it might be useful, though it's probably more useful and certainly cheaper to just run Gigabit Ethernet and use conventional encryption, such as AES.
Quantum computing is a totally different animal. It uses Quantum Black Magic to create a computer which can collapse a waveform and have it land at the solution of some classes of NP or similarly problems with at least some significant probability of success, thereby cheating on the fact that it normally takes an exponential or at least superpolynomial number of guesses to find a correct answer. One problem that can theoretically be solved if you have a quantum computer of sufficient resolution is factoring - which means that if such a device were developed, it would break RSA and several other public-key algorithms, whose strength depends on them being exponentially hard if you don't have the key and low-order polynomially hard if you have it. For some other classes of algorithms, it doesn't totally break them, but reduces their strength to half the number of bits, i.e. square-root as hard as before, so you'd need to use twice as many key bits. For algorithms like Elliptic Curve, it's not clear whether they'd be broken, but they'd be a lot more dodgy.
The implications of breaking them are that right now, public key lets you build a lot of very useful communication models. It's hard to replicate signatures without PK, but the privacy applications could be replaced by going back to the old Key Distribution Center models, e.g. Kerberos, which are much less socially powerful.
Building a useful quantum computer requires building something that can detect states with sufficient precision. We currently have the technology to make simple quantum computers (one famous one was able to factor the number 15 into 3x5) but nobody knows how to get high precision yet. One question I don't know is whether a QC would be limited by the Heisenberg Uncertainty Principle (i.e. you've got one variable with a resolution that's never better than Planck's Constant, about 10**-47, which is slightly annoying cryptographically but not fatal because you can use longer keys), or whether it can be built by coupling together a number of units, each of which only needs enough precision to get N bits of the output and you get longer numbers of bits by using more units (that would be much more annoying.) We're nowhere near this yet, but it's the one technology that doesn't run into the typical exponential cryptography "brain the size size of the planet of a planet waiting for the Restaurant at the End of the Universe and still don't have an answer, I'm so depressed" kind of limits that we can easily create otherwise.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
That's not quite true; quantum cryptographic signals are not used to exchange messages, but only to guarantee a secure exchange of keys. These keys are then used to generate an unbreakable one-time pad encryption of the message, which can be broadcast publically without fear since only someone holding the key can decrypt it.
The one-time pad is one of the simplest encryption algorithms there are: you generate a random key as the same length as your message, then add the two together. You end up with something statistically indistinguishable from a random string of bits, which can only be decoded by someone who has the same key. The big drawback of the one-time pad is that somehow you have to get the recipient a copy of the key, which via non-quanum methods (eg a courier) are always open to interception.
Quantum key exchange uses entanglement to ensure that the sender and recipient can exchange keys, and be sure with arbitrary accuracy that no-one has intercepted the key -- because any attempt to intercept the key leaves a tell-tale sign. So it doesn't exactly prevent someone from stealing the key -- it just prevents them from doing so without you knowing.
It's true that at present this key exchange can only be done over a fibre-optic network, but there's no fundamental reason why it couldn't be done by other means. For example, when quantum computing becomes practical, it might be possible to use entangled qubits -- you and I could each have a "memory stick" of billions of entangled electron pairs, and when we wanted to exchange a message we'd just use up entangled pairs as needed.
Moreover because it's a key exchange, it could be possible to set up "key distribution centers", linked by fibre-optic networks. Then when we want to exchange a message, we first head down to our local centre and generate a key. Of course that's slightly less physically secure since maybe you'll be mugged on the way home, but it's stills secure against electronic eavesdropping. Even without such centres, it's obvious that many commercial establishments -- eg banks and stock exchanges -- could set up private fibre networks to guarantee secure data exchange.
However one shortcoming of current quantum crypto algorithms is that they're only useful for one-to-one communication -- you can't securely ditribute a key to many people. That's probably enough to make it useless for "common" online applications like filesharing -- but how important is truly unbreakable cryptography for that (as opposed to mere unbreakable-within-the-lifetime-of-the-universe) ?
The author of this post asserts his moral rights.
You can run a brute-force attack against it. But you have no way of knowing that what you decrypt is the actual plain text. Any text of the correct length is a valid plain text.
Here's a string encrypted with a one-time pad:
FJERZFTHWRTUWZNE
Depending on my OTP, it can decrypt to either "SlashdotForever!", or "OneTimePads=Good". Actually, it's neither. It's my credit-card number. If you can decrypt it, it's yours.
Assorted stuff I do sometimes: Lemuria.org
That doesn't mean you don't need a traditional cryptosystem on top of it. An attacker could compromise the receiving end of the line and read the message without detection. You still need crypto to protect against this.
Can a quantum computer defeat quantum "cryptography?" No. QC is based on the "no cloning" theorem in quantum mechanics: it is physically impossible to precisely clone a quantum state, without destroying that quantum state. No trickery will ever get around that fact.